Method and apparatus of drm systems for protecting enterprise confidentiality

Abstract

One aspect of the present invention discloses a device for content security. The device includes: an application execution unit configured to generate and control content in response to a content control command requested by a user; and a DRM agent configured to communicate with the application execution unit, to detect the content control command generated by the application execution unit, and to perform control on the content, and the DRM agent comprises a tracing module configured to insert security information into the content in order to prevent and trace content leakage.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS[0001]This application claims the benefit of U.S. Provisional Application Ser. No. 62 / 335,660, filed May 12, 2016, U.S. Provisional Application Ser. No. 62 / 367,644, filed Jul. 27, 2016, U.S. Provisional Application Ser. No. 62 / 368,145, filed Jul. 28, 2016 and U.S. Provisional Application Ser. No. 62 / 372,320, filed Aug. 9, 2016.BACKGROUND OF THE INVENTIONField of the Invention[0002]The present invention relates to a content security system, and more particularly, to a DRM system for protecting enterprise confidentiality.Discussion of the Related Art[0003]Since commercial computer systems, such as IBM mainframe computer or DEC PDP minicomputer, came in the market in 1960s and 1970s, definition of computing devices has been continuously extended to include various autonomous machines. If Merriam Webster's definition of the computer as ‘an electronic machine that can store and work with large amounts of information’ is applied, many devices current...

AI Technical Summary

Benefits of technology

[0042]In accordance with an embodiment of the present invention, a device for content security may comprise an application execution unit configured to generate and control content in response to a content control command requested by a user; and a DRM agent configured to communicate with the application execution unit, to detect the content control command generated by the application execution unit, and to perform control on the content, and the DRM agent comprises a tracing module configured to insert security information into the content in order to prevent and trace content leakage.

[0067]In accordance with another embodiment of the present invention, an operating method of a device for content security may comprise controlling content in response to a content control command requested by a user; and communicating, by a DRM agent, with an application execution unit, detecting the content control command generated by the application execution unit, and performing control on the content, and performing the control on the content comprises inserting, by a tracing module, security information into the content in order to prevent and trace content leakage.

Problems solved by technology

Even if DRM technology was very effective in preventing illegal distribution of on-line digital content, appearance of various P2P sites, such as Napster, Gnutella, Gossip, Kazaa, Sori-Bada, and e-Donkey, made DRM technology less productive.

However, with rapid advancement of micro devices and popular use of smart phones, it has become evident that enterprise DRM cannot handle the evolving ICT environment and malicious attempts using a camera, a camcorder, spying devices, and smart phones.

DRM technology is lacking of tracing capability required for printed contents, copied content, or photo-taken contents.

Even if there have been various attempts to detect APT attacks through SandBox model of FireEye, TrendMicro, Paloalto Networks, Fortinet, Checkpoint, BlueCoat, malware related to APT attack is very difficult to detect timely.

Considering various communications channels and computing devices including wearable devices and internet-connected TV, refrigerator, automobile, there are too many security holes.

Mobile security has unique challenges that require different solutions than existing programs offer.

These can include improper disposal of company information, misconfiguration of IT systems, and lost and stolen assets such as laptops and smartphones.

In fact, 26 percent of these errors involve people mistakenly sending sensitive information to the wrong person.

Even if sixty-three percent of confirmed data breaches involve using weak, default or stolen passwords and most of attack exploits are known vulnerabilities, those vulnerabilities have never been patched despite being available for months, or even years.

“That's the thing that is so maddening for security personnel, because you can't always tell where the fire is”.

Referring to FIG. 4A to FIG. 4C, spying devices available in internet market show that the confidential information in enterprise is being threatened by various devices and malicious attempts.

In general, the devices are too tiny and in various shapes that it is very difficult to detect.

Thus, malicious users in enterprise offices or remote offices can take photos, video shots, or record conversation in meeting room.

Considering that most smart phones are equipped with high-quality camera and voice recorder, there are no ways to prevent from exfiltration of internal documents shared by intranet.

In other words, those technologies which have provided so far very effective ways to prevent illegal copy from computer systems and transfer to third parties through wired or wireless networks, or storage devices, including DRM and DLP, cannot provide any protection mechanism in the age of micro devices and smart phones.

Traditional DRM technology, because of encryption functions and access control function, can make copied content useless at the third party's computer.

However, when the content is taken photo by smart phones or scanned after printing, there is no effective way to prevent display on third party's terminal.

However, when a user utilizes ‘air mode’ of smart phones, it is very hard to prevent silent operation of recording voices in meeting room and of taking photos, videos of confidential documents displayed on user terminal screen.

Referring to FIG. 5, a case of information leakage shows that DRM systems were already deployed in various enterprise computing environment, but cannot prevent all attempts to transfer valuable information to the third party.

This is DRM system's failing case in which legitimate users purposefully take actions allowed by existing DRM system and then take advantages of security holes.

One of the legitimate users printed and uploaded the document after scanning to P2P site, BitTorrent, which made a devastating effect in terms of reputation and financial loss.

Even if access control function of DRM or DLP (Data Loss Prevention / Data Leakage prevention) technology is employed in preventing illegitimate activities by blocking ‘printing’‘transfer to the third party’ or ‘make on portable storage devices’, or by encrypting document in work or in storage, it cannot prevent information leakage conducted through legitimate activities.

Furthermore, if the malicious users make copy of the confidential information using micro devices, or smart phones at remote offices, mainly home offices, or offices of partner companies, there is no practical measure to prevent those activities.

Images